>
    Strata Copilot
    Add a Peripheral
    Focus
    Download PDF
    Focus
    1. Home
    2. Enterprise DLP
    3. Configure Enterprise DLP
    4. Endpoint DLP
    5. Add a Peripheral
    Download PDF
    Enterprise DLP

    Add a Peripheral

    Table of Contents

    Add a Peripheral

    Manual add a USB, printer, or network share peripheral device to Enterprise Data Loss Prevention (E-DLP) for protection using Endpoint DLP.
    On May 7, 2025, Palo Alto Networks is introducing new Evidence Storage and Syslog Forwarding service IP addresses to improve performance and expand availability for these services globally.
    You must allow these new service IP addresses on your network to avoid disruptions for these services. Review the Enterprise DLP Release Notes for more information.
    Where Can I Use This?What Do I Need?
    Prisma Access (Managed by Strata Cloud Manager)
    • Endpoint DLP license
    • Autonomous DEM 5.3.4 or later
    • Prisma Access Agent
    • Prisma Access 5.1 (Preferred or Innovation) or later
    Add a USB, printer, or network share peripheral device to Enterprise Data Loss Prevention (E-DLP) for endpoint protection. Only one type of peripheral device can be added at a time.
    Adding peripheral devices is required only if you want to allow or block access to specific peripheral devices. If you want to allow or block access to all peripheral devices of any type, you can create an Endpoint DLP policy rule configured for this purpose. Enterprise DLP supports the following peripheral for Endpoint DLP protection.
    Peripheral devices added to Enterprise Data Loss Prevention (E-DLP) cannot be deleted.

    Add a USB Peripheral to Endpoint DLP

    Manually add a USB peripheral device to Enterprise Data Loss Prevention (E-DLP) for protection using Endpoint DLP.
    1. Log in to Strata Cloud Manager.
    2. Select ConfigurationData Loss PreventionSettingsPeripheral Configuration.
    3. Select Add PeripheralManual.
    4. Select USB.
    5. Configure the details for the USB peripheral you're adding.
      To add a USB peripheral device to Enterprise DLP, you must enter the peripheral Name and either the Serial Number, Vendor ID, or Product ID.
      For example, you enter only the peripheral Name and Vendor ID, but not the Serial Number or Product ID. This meets the minimum configuration requirements and you can successfully add the peripheral.
      Manufacturer and Model are optional and used to filter your USB peripherals.
      • Name—Name of the USB. The Name is displayed in Strata Cloud Manager when managing your Endpoint DLP configurations and in your Enterprise DLP incidents.
      • (Optional) Manufacturer—Name of the company that manufactured the USB.
      • (Optional) Model—Model of the USB peripheral.
      • Serial Number—Unique identifier of the specific USB peripheral.
      • Vendor ID—Unique number used to identify the manufacturer of the USB peripheral.
      • Product ID—Unique number used to identify a specific USB product line.
      • (Optional) Description—Description of the USB peripheral.
    6. Save.
    7. Create a Peripheral Group to group multiple USB peripheral devices and apply the same security enforcement.
      You must create peripheral groups to create an Endpoint DLP policy rule.

    Add a Network Share Peripheral to Endpoint DLP

    Manually add a network share peripheral device to Enterprise Data Loss Prevention (E-DLP) for protection using Endpoint DLP.
    1. Log in to Strata Cloud Manager.
    2. Select ConfigurationData Loss PreventionSettingsPeripheral Configuration.
    3. Select Add PeripheralManual.
    4. Select Network Share.
    5. Configure the details for the network share peripheral you're adding.
      The network share peripheral Name and Server Name or IPv4 Address are required.
      Server Name or IPv4 Address and the optional Directory Path are used to filter your Network Share peripherals.
      • Name—Name of the network share. The Name is displayed in Strata Cloud Manager when managing your Endpoint DLP configurations and in your Enterprise DLP incidents.
      • Server Name or IPv4 Address—Fully Qualified Domain Name (FQDN) or IPv4 address of the network share.
      • (Optional) Directory Path—Network directory path of the network share.
      • (Optional) Description—Optional description of the network share peripheral.
    6. Save.
    7. (Optional) Create a Peripheral Group to group multiple network share peripheral devices and apply the same security enforcement.
      You must create peripheral groups to create an Endpoint DLP policy rule.

    add a Printer Peripheral to Endpoint DLP

    Manual add a printer peripheral device to Enterprise Data Loss Prevention (E-DLP) for protection using Endpoint DLP.
    1. Log in to Strata Cloud Manager.
    2. Select ConfigurationData Loss PreventionSettingsPeripheral Configuration.
    3. Select Add PeripheralManual.
    4. Select Printer.
    5. Configure the details for the USB peripheral you are adding.
      To add a printer peripheral device to Enterprise DLP, you must enter the peripheral Name and select the printer Printer Type.
      Printer Type is also used to filter your Printer peripherals.
      • Name—Name of the printer. The Name is displayed in Strata Cloud Manager when managing your Endpoint DLP configurations and in your Enterprise DLP incidents.
      • Printer Type—Select the type of printer device you are adding. You can select USB Printer or Network Printer.
        • USB Printer—Printer peripheral device physically connected to the endpoint using a USB cable.
        • Network Printer—Printer peripheral device accessible to the endpoint through the network.
      • (Optional) Model—Model of the USB.
      • USB Printer
        To add a USB printer peripheral device, you must enter either the Serial Number, Vendor ID, or Product ID.
        For example, you enter only the peripheral Vendor ID, but not the Serial Number or Product ID. This meets the minimum configuration requirements and you can successfully add the peripheral.
        • (Optional) Manufacturer—Name of the company that manufactured the USB printer.
        • (Optional) Model—Model of the printer.
        • Serial Number—Unique identifier of the specific USB printer.
        • Vendor ID—Unique number used to identify the manufacturer of the USB printer.
        • Product ID—Unique number used to identify a specific USB printer product line.
      • Network Printer
        The network printer peripheral Server Name or IPv4 Address is required.
        • Server Name or IPv4 Address—Fully Qualified Domain Name (FQDN) or IPv4 address of the network printer.
        • (Optional) Directory Path—Network directory path of the network printer.
      • (Optional) Description—Description of the USB peripheral.
    6. Save.
    7. (Optional) Create a Peripheral Group to group multiple printer peripheral devices and apply the same security enforcement when you create your Endpoint DLP security policy rule. You can group USB and network printers in the same peripheral group.

    © 2025 Palo Alto Networks, Inc. All rights reserved.